9.3 - SUN-103141

Executive Summary

Summary
Title	Sun Alert 103141 Manipulated Database Documents for StarOffice/StarSuite 8 May Lead to Arbitrary Code Execution

Informations
Name	SUN-103141	First vendor Publication	2007-12-07
Vendor	Sun	Last vendor Modification	2007-12-11
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score	9.3	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Product: StarOffice 8 Software

A security vulnerability in HSQLDB (the default database engine shipped with StarOffice 8), may allow a remote unprivileged user who provides a StarOffice database document that is opened by a local user to execute arbitrary Java code on the system with the privileges of the user running StarOffice/StarSuite 8.

This issue is also described in the following document:

CVE-2007-4575 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=2007-4575

Avoidance: Patch

State: Resolved

First released: 07-Dec-2007

Sun Alert Link:http://sunsolve.sun.com/search/document.do?assetkey=1-26-103141-1

Original Source

Url : http://blogs.sun.com/security/entry/sun_alert_103141_manipulated_database

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-94	Failure to Control Generation of Code ('Code Injection')

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10153

Oval ID:	oval:org.mitre.oval:def:10153
Title:	HSQLDB before 1.8.0.9, as used in OpenOffice.org (OOo) 2 before 2.3.1, allows user-assisted remote attackers to execute arbitrary Java code via crafted database documents, related to "exposing static java methods."
Description:	HSQLDB before 1.8.0.9, as used in OpenOffice.org (OOo) 2 before 2.3.1, allows user-assisted remote attackers to execute arbitrary Java code via crafted database documents, related to "exposing static java methods."
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2007-4575	Version:	5
Platform(s):	Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section openoffice.org2-langpack-lt_LT is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-nn_NO is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-ga_IE is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-zh_CN is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-javafilter is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-he_IL is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-draw is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-ko_KR is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-ca_ES is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-base is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-fr is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-pa_IN is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-da_DK is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-emailmerge is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-pt_PT is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-es is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-sv is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-ms_MY is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-cs_CZ is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-xsltfilter is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-ja_JP is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-hu_HU is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-zh_TW is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-sl_SI is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-de is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-pyuno is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2 is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-tr_TR is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-impress is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-ar is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-bn is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-pt_BR is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-af_ZA is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-pl_PL is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-calc is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-zu_ZA is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-fi_FI is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-sk_SK is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-hi_IN is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-nb_NO is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-th_TH is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-et_EE is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-gl_ES is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-it is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-hr_HR is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-ta_IN is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-gu_IN is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-testtools is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-eu_ES is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-el_GR is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-core is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-ru is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-bg_BG is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-nl is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-sr_CS is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-langpack-cy_GB is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-math is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-graphicfilter is earlier than 1:2.0.4-5.7.0.3.0 AND openoffice.org2-writer is earlier than 1:2.0.4-5.7.0.3.0 OR OS Section: RHEL5, CentOS5, Oracle Linux 5 RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section hsqldb-manual is earlier than 1:1.8.0.4-3jpp.6 AND openoffice.org-langpack-sk_SK is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-zu_ZA is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-pa_IN is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-hi_IN is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-et_EE is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-kn_IN is earlier than 1:2.0.4-5.4.25 AND openoffice.org is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-zh_TW is earlier than 1:2.0.4-5.4.25 AND openoffice.org-writer is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-ve_ZA is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-ga_IE is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-ta_IN is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-ko_KR is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-or_IN is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-da_DK is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-sr_CS is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-pl_PL is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-fr is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-ts_ZA is earlier than 1:2.0.4-5.4.25 AND openoffice.org-javafilter is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-as_IN is earlier than 1:2.0.4-5.4.25 AND openoffice.org-testtools is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-hr_HR is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-de is earlier than 1:2.0.4-5.4.25 AND openoffice.org-emailmerge is earlier than 1:2.0.4-5.4.25 AND openoffice.org-xsltfilter is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-tn_ZA is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-te_IN is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-sv is earlier than 1:2.0.4-5.4.25 AND openoffice.org-base is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-ca_ES is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-nr_ZA is earlier than 1:2.0.4-5.4.25 AND openoffice.org-core is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-nl is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-ur is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-nn_NO is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-ar is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-ja_JP is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-gu_IN is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-tr_TR is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-eu_ES is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-fi_FI is earlier than 1:2.0.4-5.4.25 AND openoffice.org-graphicfilter is earlier than 1:2.0.4-5.4.25 AND openoffice.org-pyuno is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-ml_IN is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-gl_ES is earlier than 1:2.0.4-5.4.25 AND hsqldb-javadoc is earlier than 1:1.8.0.4-3jpp.6 AND openoffice.org-langpack-zh_CN is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-xh_ZA is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-it is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-es is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-nb_NO is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-sl_SI is earlier than 1:2.0.4-5.4.25 AND openoffice.org-draw is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-nso_ZA is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-ms_MY is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-el_GR is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-hu_HU is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-ss_ZA is earlier than 1:2.0.4-5.4.25 AND hsqldb is earlier than 1:1.8.0.4-3jpp.6 AND openoffice.org-langpack-bn is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-he_IL is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-pt_PT is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-lt_LT is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-af_ZA is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-bg_BG is earlier than 1:2.0.4-5.4.25 AND openoffice.org-calc is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-cs_CZ is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-cy_GB is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-mr_IN is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-th_TH is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-pt_BR is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-ru is earlier than 1:2.0.4-5.4.25 AND hsqldb-demo is earlier than 1:1.8.0.4-3jpp.6 AND openoffice.org-math is earlier than 1:2.0.4-5.4.25 AND openoffice.org-impress is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-st_ZA is earlier than 1:2.0.4-5.4.25

Definition Id: oval:org.mitre.oval:def:18383

Oval ID:	oval:org.mitre.oval:def:18383
Title:	DSA-1419-1 openoffice.org
Description:	A vulnerability has been discovered in HSQLDB, the default database engine shipped with OpenOffice.org. This could result in the execution of arbitrary Java code embedded in a OpenOffice.org database document with the user's privilege. This update requires an update of both openoffice.org and hsqldb.
Family:	unix	Class:	patch
Reference(s):	DSA-1419-1 CVE-2007-4575	Version:	7
Platform(s):	Debian GNU/Linux 4.0	Product(s):	openoffice.org hsqldb
Definition Synopsis:
Debian GNU/Linux 4.0 is installed. Packages match section openoffice.org DPKG is earlier than 2.0.4.dfsg.2-7etch4 AND hsqldb DPKG is earlier than 1.8.0.7-1etch1

Definition Id: oval:org.mitre.oval:def:22393

Oval ID:	oval:org.mitre.oval:def:22393
Title:	ELSA-2007:1048: openoffice.org, hsqldb security update (Moderate)
Description:	HSQLDB before 1.8.0.9, as used in OpenOffice.org (OOo) 2 before 2.3.1, allows user-assisted remote attackers to execute arbitrary Java code via crafted database documents, related to "exposing static java methods."
Family:	unix	Class:	patch
Reference(s):	ELSA-2007:1048-01 CVE-2003-0845 CVE-2007-4575	Version:	13
Platform(s):	Oracle Linux 5	Product(s):	hsqldb openoffice.org
Definition Synopsis:
Oracle Linux 5.x rpm test hsqldb-javadoc is earlier than 1:1.8.0.4-3jpp.6 AND hsqldb-manual is earlier than 1:1.8.0.4-3jpp.6 AND hsqldb is earlier than 1:1.8.0.4-3jpp.6 AND hsqldb-demo is earlier than 1:1.8.0.4-3jpp.6 AND openoffice.org-langpack-xh_ZA is earlier than 1:2.0.4-5.4.25 AND openoffice.org is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-tn_ZA is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-af_ZA is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-tr_TR is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-te_IN is earlier than 1:2.0.4-5.4.25 AND openoffice.org-calc is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-ss_ZA is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-ml_IN is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-nl is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-nn_NO is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-ta_IN is earlier than 1:2.0.4-5.4.25 AND openoffice.org-testtools is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-nb_NO is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-it is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-el_GR is earlier than 1:2.0.4-5.4.25 AND openoffice.org-base is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-da_DK is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-ca_ES is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-es is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-cs_CZ is earlier than 1:2.0.4-5.4.25 AND openoffice.org-draw is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-ar is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-sl_SI is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-nr_ZA is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-kn_IN is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-as_IN is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-ts_ZA is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-ja_JP is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-pt_PT is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-sk_SK is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-ru is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-zh_TW is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-st_ZA is earlier than 1:2.0.4-5.4.25 AND openoffice.org-xsltfilter is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-cy_GB is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-fi_FI is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-pa_IN is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-he_IL is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-ms_MY is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-bn is earlier than 1:2.0.4-5.4.25 AND openoffice.org-graphicfilter is earlier than 1:2.0.4-5.4.25 AND openoffice.org-pyuno is earlier than 1:2.0.4-5.4.25 AND openoffice.org-writer is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-bg_BG is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-pl_PL is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-hr_HR is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-hi_IN is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-fr is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-pt_BR is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-gu_IN is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-zu_ZA is earlier than 1:2.0.4-5.4.25 AND openoffice.org-math is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-ur is earlier than 1:2.0.4-5.4.25 AND openoffice.org-core is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-mr_IN is earlier than 1:2.0.4-5.4.25 AND openoffice.org-impress is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-gl_ES is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-et_EE is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-ko_KR is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-hu_HU is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-nso_ZA is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-sr_CS is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-or_IN is earlier than 1:2.0.4-5.4.25 AND openoffice.org-emailmerge is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-ve_ZA is earlier than 1:2.0.4-5.4.25 AND openoffice.org-javafilter is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-lt_LT is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-eu_ES is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-th_TH is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-zh_CN is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-sv is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-ga_IE is earlier than 1:2.0.4-5.4.25 AND openoffice.org-langpack-de is earlier than 1:2.0.4-5.4.25

CPE : Common Platform Enumeration

Type	Description	Count
Application	Openoffice cpe:2.3:a:openoffice:openoffice:2.2.1:::::::* cpe:2.3:a:openoffice:openoffice:2.2:::::::* cpe:2.3:a:openoffice:openoffice:2.1:::::::* cpe:2.3:a:openoffice:openoffice:2.0beta:::::::* cpe:2.3:a:openoffice:openoffice:2.0.4:::::::* cpe:2.3:a:openoffice:openoffice:2.0.3_rc6:::::::* cpe:2.3:a:openoffice:openoffice:2.0.3_rc5:::::::* cpe:2.3:a:openoffice:openoffice:2.0.3_rc4:::::::* cpe:2.3:a:openoffice:openoffice:2.0.3_rc3:::::::* cpe:2.3:a:openoffice:openoffice:2.0.3_1:::::::* cpe:2.3:a:openoffice:openoffice:2.0.3:::::::* cpe:2.3:a:openoffice:openoffice:2.0.2_rc4:::::::* cpe:2.3:a:openoffice:openoffice:2.0.2_rc3:::::::* cpe:2.3:a:openoffice:openoffice:2.0.2_rc2:::::::* cpe:2.3:a:openoffice:openoffice:2.0.2_rc1:::::::* cpe:2.3:a:openoffice:openoffice:2.0.2:::::::* cpe:2.3:a:openoffice:openoffice:2.0.1:::::::* cpe:2.3:a:openoffice:openoffice:2.0.0_rc3:::::::* cpe:2.3:a:openoffice:openoffice:2.0.0_rc2:::::::* cpe:2.3:a:openoffice:openoffice:2.0.0_rc1:::::::* cpe:2.3:a:openoffice:openoffice:2.0.0:::::::* cpe:2.3:a:openoffice:openoffice:2.0:::::::* cpe:2.3:a:openoffice:openoffice:1.1.5:::::::* cpe:2.3:a:openoffice:openoffice:1.1.4:::::::* cpe:2.3:a:openoffice:openoffice:1.1.3:::::::* cpe:2.3:a:openoffice:openoffice:1.1.2:::::::* cpe:2.3:a:openoffice:openoffice:1.1.1b:::::::* cpe:2.3:a:openoffice:openoffice:1.1.1a:::::::* cpe:2.3:a:openoffice:openoffice:1.1.1:::::::* cpe:2.3:a:openoffice:openoffice:1.1.0:::::::* cpe:2.3:a:openoffice:openoffice:1.1:::::::* cpe:2.3:a:openoffice:openoffice:1.0.2:::::::* cpe:2.3:a:openoffice:openoffice:1.0.1:::::::* cpe:2.3:a:openoffice:openoffice::::::::	34

OpenVAS Exploits

Date	Description
2009-04-09	Name : Mandriva Update for openoffice.org MDVSA-2008:095 (openoffice.org) File : nvt/gb_mandriva_MDVSA_2008_095.nasl
2009-03-23	Name : Ubuntu Update for hsqldb, openoffice.org/-amd64 vulnerabilities USN-609-1 File : nvt/gb_ubuntu_USN_609_1.nasl
2009-03-06	Name : RedHat Update for openoffice.org2 RHSA-2007:1090-01 File : nvt/gb_RHSA-2007_1090-01_openoffice.org2.nasl
2009-02-27	Name : Fedora Update for openoffice.org FEDORA-2007-4120 File : nvt/gb_fedora_2007_4120_openoffice.org_fc7.nasl
2009-02-27	Name : Fedora Update for openoffice.org FEDORA-2007-4172 File : nvt/gb_fedora_2007_4172_openoffice.org_fc8.nasl
2009-02-27	Name : Fedora Update for openoffice.org FEDORA-2007-762 File : nvt/gb_fedora_2007_762_openoffice.org_fc6.nasl
2009-02-24	Name : Fedora Update for hsqldb FEDORA-2007-4119 File : nvt/gb_fedora_2007_4119_hsqldb_fc7.nasl
2009-02-24	Name : Fedora Update for hsqldb FEDORA-2007-4171 File : nvt/gb_fedora_2007_4171_hsqldb_fc8.nasl
2009-02-17	Name : Fedora Update for openoffice.org FEDORA-2008-4104 File : nvt/gb_fedora_2008_4104_openoffice.org_fc7.nasl
2009-02-17	Name : Fedora Update for openoffice.org FEDORA-2008-9333 File : nvt/gb_fedora_2008_9333_openoffice.org_fc8.nasl
2009-02-17	Name : Fedora Update for openoffice.org FEDORA-2008-7531 File : nvt/gb_fedora_2008_7531_openoffice.org_fc8.nasl
2009-02-17	Name : Fedora Update for openoffice.org FEDORA-2008-5247 File : nvt/gb_fedora_2008_5247_openoffice.org_fc8.nasl
2009-02-17	Name : Fedora Update for openoffice.org FEDORA-2008-5239 File : nvt/gb_fedora_2008_5239_openoffice.org_fc7.nasl
2009-02-17	Name : Fedora Update for openoffice.org FEDORA-2008-3251 File : nvt/gb_fedora_2008_3251_openoffice.org_fc8.nasl
2009-01-28	Name : SuSE Update for OpenOffice_org SUSE-SA:2007:067 File : nvt/gb_suse_2007_067.nasl
2008-09-24	Name : Gentoo Security Advisory GLSA 200712-25 (openoffice openoffice-bin hsqldb) File : nvt/glsa_200712_25.nasl
2008-01-17	Name : Debian Security Advisory DSA 1419-1 (openoffice.org, hsqldb) File : nvt/deb_1419_1.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
40548	OpenOffice.org (OOo) HSQLDB Database Document Handling Unspecified Arbitrary ...

Nessus® Vulnerability Scanner

Date	Description
2013-01-24	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0213.nasl - Type : ACT_GATHER_INFO
2013-01-24	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0151.nasl - Type : ACT_GATHER_INFO
2013-01-24	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-1048.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071205_openoffice_org__hsqldb_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071205_openoffice_org2_on_SL4_5.nasl - Type : ACT_GATHER_INFO
2010-01-06	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-1048.nasl - Type : ACT_GATHER_INFO
2009-04-23	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-095.nasl - Type : ACT_GATHER_INFO
2008-05-09	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-609-1.nasl - Type : ACT_GATHER_INFO
2008-01-27	Name : The remote Fedora host is missing a security update. File : fedora_2007-4171.nasl - Type : ACT_GATHER_INFO
2008-01-27	Name : The remote Fedora host is missing a security update. File : fedora_2007-4119.nasl - Type : ACT_GATHER_INFO
2008-01-08	Name : The remote openSUSE host is missing a security update. File : suse_OpenOffice_org-4802.nasl - Type : ACT_GATHER_INFO
2007-12-31	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200712-25.nasl - Type : ACT_GATHER_INFO
2007-12-13	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_OpenOffice_org-4770.nasl - Type : ACT_GATHER_INFO
2007-12-11	Name : The remote Fedora Core host is missing a security update. File : fedora_2007-762.nasl - Type : ACT_GATHER_INFO
2007-12-11	Name : The remote Fedora host is missing a security update. File : fedora_2007-4172.nasl - Type : ACT_GATHER_INFO
2007-12-11	Name : The remote Fedora host is missing a security update. File : fedora_2007-4120.nasl - Type : ACT_GATHER_INFO
2007-12-07	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-1090.nasl - Type : ACT_GATHER_INFO
2007-12-07	Name : The remote openSUSE host is missing a security update. File : suse_OpenOffice_org-4769.nasl - Type : ACT_GATHER_INFO
2007-12-07	Name : The remote Debian host is missing a security-related update. File : debian_DSA-1419.nasl - Type : ACT_GATHER_INFO
2007-12-05	Name : The remote Windows host has a program that allows execution of arbitrary code. File : openoffice_231.nasl - Type : ACT_GATHER_INFO

Global Informations

Type	Count
CWE ID(s)	1
Oval ID(s)	3
CPE ID(s)	34
osvdb(s)	1
Openvas Exploit(s)	17
Nessus® Exploit(s)	20

	Related
9.3	CVE-2007-4575
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 1 more Alert(s)

9.3 - SUN-103141

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

OpenVAS Exploits

Open Source Vulnerability Database (OSVDB)

Nessus® Vulnerability Scanner

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU